Re: Bug#286040: please allow permissions.d to follow symlinks

[martin f krafft <madduck@madduck.net>]

[-- Attachment #1: Type: text/plain, Size: 3042 bytes --]

also sprach Greg KH <greg@kroah.com> [2004.12.18.0404 +0100]:
> So, on what "technological level" do you rank the current crop of
> distros (and by "crop" I mean ones that have had a release.) 

I do not rank. Fact is that I will see whether Debian can continue
to use permissions.d and provide the symlink following I initially
requested, simply because I consider policy-based approaches to be
important. Without going comparative, this is going to put Debian on
a different level than other distros which go ahead to dump
permissions.d *with respect to* udev permission handling. This will
make it difficult to converge on a common set of rules.

You told me at Sucon '04 that (one of) your main beef(s) with Debian
is that we do not make patches with improvements available upstream.
I promised you I would look into this and try to improve the
situation. However, reading the archives, talking to Marco, and
looking at bugs, it seems to me that we are banging our heads
against the wall that you hold up, that you simply do not want our
patches. A bystander might conclude from this very case we are
discussing here that you are now crippling upstream just to make
sure it will differ from Debian. Note that this is a bystander, I am
not accusing you of this. You will probably have to agree that it
could be interpreted as such.

I embrace permissions.d because it is in the same spirit that a lot
of things are done in Debian. Unless you give me technical reasons
(read: plain facts) why permissions.d is just wrong, I might be
inclined to support the bystander's opinion...

Why is it wrong to manage device permissions in a central location,
using a scheme that is intuitive to the user because it allows the
user to specify the desired state rather than having to think a lot.

  flash:root:flash:0660

means: make the device available at /dev/flash readable only by root
and members of flash. Whether /dev/flash translates to /dev/sda1 or
/dev/your_mom or /dev/null... who cares?

If a user specifies the above and makes herself a member of flash
and then gets a permission denied error when trying to mount
/dev/flash because she wanted /dev/flash to be readable, not
/dev/whatever, then she will care.

What is the benefit of merging permissions in with rules that
identify and name devices?

If you answered that, please also think about the reasons why Fedora
uses /etc/sysconfig (and Gentoo probably does something similar).

> And why wouldn't all distros benifit from such a set of unified rules?

I am not at all denying this.
How to unify rules when there are differences in opinions?

-- 
martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck
 
invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver!
spamtraps: madduck.bogus@madduck.net
 
"science without religion is lame,
 religion without science is blind."
                                                    -- albert einstein

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]